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• The system is resigned to be usable in all types of DVD 
products, including DVD stand-alone players, ROM drives 

(computer connected player*) , RAM/R device* (recordable 
drives) ^ 

• The current proposal involve* encryption applied to 
prerecorded met ia and internal computer communications 
of material originating on prerecorded media 

2. Basic outline 

• Sequence: (I) audio/ video data are compressed and then 

scrambled to create prerecorded disk; (2) upon playback 
m a DVD devion, the data are descrambled and then 
decompressed. This approach preserve* the normal 
processing presently used for master preparation for 
studio operations. 

• Upon playback n a DVD device, the data are 
descrambled, followed by audio-video decompression, 
with both functions accomplished within the device for 
stand-alone pluyere. Within a computer, these 
functions could (and probably would) be accomplished in 
through separate functional devices or appropriate 
software . 


Descrambling aid decompression accomplished through the 
us# of software would be subject to some kind of 
"tamper resistant" requirement for the software. An 
security-based requirement equivalent to "tamper 
resistance" wo lid need to be devised to apply to 
hardware appli :ations . 

Copy controls ire not specifically addressed by this 
proposal, but .t is assumsd that such controls would be 
present, either as associated data (as in the original 
CGMS proposal) or embedded data. 


3. Encryption Kavs 

• Three keys are used for each prerecorded work: a disc 

key, a title kiy, and a control key. The control key 
is utilized only in the computer environment, as a part 
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of the interns 1 authentication process during 
transmission c f the other keys to the descrambler and 
associated decoder. 

• All keys are c omposed of less than 40 bits, making them 
not subject t< export control regimes (other than a 
limited number of highly sensitive countries). 



• For each work that a copyright owner wishes to subject 
to this systen, encryption would proceed as follows: 

(1) the content would be scrambled, using the Title Key, 
the algorithms and related system technology. The 
content owner would determine the Title Key on its own. 

(2) the Title Key would be encrypted using the Disc Key 
(obtained fro a a key distribution entity, probably a 
separata part of the independent licensing body 
described beljw). The encrypted Title Key would be 
recorded in tie Sector Header area, which is a "hidden 1 * 
area. ("Hiddin" here and elsewhere in this paper means 
that the area is not readily accessed by the user, 
except throug i the special means described below.) 

This step could either be done by the content owner as 
part of a master tape or by the disc pressing facility 
as part of th* disc encoding process. 

(3) the Disc Key would be converted to "Secured Disc 
Key Data" — effectively encrypting this key — using 
the Disc Key Protection Hardware Logic. The Secured 
Disc Key Data would be written in the hidden area of 
tha disc called the "Lead-in Area". 

(4) the Control Key is provided on the disc for use in 
the authentication process applicable to DVD-ROM 
devices connected in the computer environment. This 
Key is used t o transmit the other keys to the 
descrambler end associated decoder and is independent 
of the contert scrambling/ encryption process itself. 

MOTE: The security of the scrambling/encryption 

process used by studios and disc replication facilities 
is maintains* through both the separate application of 
keys not necessarily held by the same party and the 
sealing of tie Data Scramble, Title Key Encryption, and 
Disc Key Projection Logic functions in hardware. 
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September 17, 1996 

DVD security Managaacmt and Licensing Proposal 


This memorandum win out] ne the proposed structure and operations for the DVD 
Security Management and Licenan 5 Entity (the "Entity*). This Entity should not be 
confused with die overall DVD coi sortium, and the following should bejead as a proposal. 


1 . Goals . 

The Content Scramble Systi m ("CSS”) is designed to provide reasonable security for 
the contents of DVD disks, thereto alleviating concerns of content providers concerning 
unauthorized copying of their copy righted material and facilitating the development of DVD 
technology. The Entity will be ret possible for licensing the technology, supervising the 
provision of security keys and oth< r critical confidential information, enforcing security 
restrictions, and handling central a 1 ministration, all designed to provide security and a level 
playing field to all participants. 

2. Structure- 

The Entity will have three nain components: 

a. Governing B >ard. The Governing Board will direct and supervise the 
activities of the Entity. It will inc ude representatives from various affected industries, 
including the motion picture, com] uter and consumer electronics industries. 

b. Licensing A; ent. Companies wishing to adopt CSS will obtain the 
rights to do so through the Licens ng Agent. 

c. Security Ma iagement Agent. The Security Management Agent 
(*SMA H ) will be responsible for a J ministering encryption-related functions in a manner 
designed to protect the overall CS > system against security breaches. 

• . • • 9 • • mammm • • 1 — • mam * • 

3. Operations. 

a. Scrambling . Di sk contents will be scrambled using keys chosen by the 
content provider or disk replica to: . Those keys will be encrypted either through the use of 
secure hardware provided to conn nt providers or disk replicators or directly by the SMA 
itself. Disk replicators will then include the encrypted keys in hidden areas on the disk. 
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b. T><rramhiing - I icensed DVD players and drives will include special 
secure hardware which can be used to decrypt the hidden keys on the DVD disk. 
Manufacturers will obtain that hard ivare (or the information necessary to manufacture it) 
from the SMA. When a disk is in: tried into a DVD player or drive, the secure hardware 
will decrypt the hidden keys on tha : disk. Those keys will then be used to unscramble the 

contents. 


4. Licenses . 

In order to participate, cont snt providers, disk replicators and hardware manufacturers 
will be licensed by the Licensing / gent. Those licenses will include rights to the technology 
(including neeessarv intellectual pr jperty), and the right to receive necessary information 
from the SMA. Only licensed disl : replicators and/or content providers will have the right to 
receive secure encryption hardwan or encrypted keys from the SMA, and only licensed 
hardware manufacturers will have he right to include specialized hardware capable of 
decrypting and reading scrambled intents. Note that these licenses would be required only 
to encrypt content onto a DVD dis c and to decrypt such content. No license would be 
required from this Entity to manui icture a disk that does not include encrypted contents, or 
for a player or drive that is only a ile to read unencrypted content. 

License-related fees will b< charged only at a level necessary to offset the cost of 
administration. Restrictions on lie ensees will be designed to protect the security of the 
overall system, and to make cenai -» that all participants have a level playing field. Thus, 
license restrictions may require lie ensees to provide a license back of their own necessary 
patents to the Entity and (through the Entity) to other licensees. Licensees would also be 
required to comply with technical specifications, aimed primarily at preventing the creation 

of unauthorized copies. 


5. Copy Control 


Copy control will be accoi iplished through both technical means inherent in the 
encryption itself - e.g., copies ol the encrypted version of the contents will not include the 
keys and will, thus, not be useabii by end users - and through hewsejerms requiring player 
and drive licensees to implement idequate copy controls within their devices and in the 

analog and digital outputs of licet sed devices. • 


a Anainc Outputs NTSC analog outputs of licensed devices will be required 
to implement either the combination AGC/color stripe Macrovision copy control system 
agreed upon in March 1996 in th : legislative recommendations by CEMA and MPAA or 
another copy control system shovn to be equivalent in terms of both its technical capabilities 
and its widespread effectiveness < n both existing and future analog recorders. 
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b. Digital Outputs. Digital outputs will be required to have adequate copy 
control technology as well. The C >S Technology's authentication approach will be defined 
as meeting this requirement. That approach essentially involves the player or drive 
"knocking on the door* of the pros pective receiving device. If the receiving device has the 
proper answer, then the "door" cat be opened and the content let into that device. Only 
receiving devices that are themselv ss licensed will be allowed the information necessary to 
make the proper response. If othe r copy control technology becomes available to provide 
equivalent protection, it will be all swed in place of or in addition to the CSS Technology’s 
authentication approach. 

c. Within Licensed Dfevirra Licensed devices will also be required both to 
protect the content through refusin » to pass keys for encrypted content to unauthorized parts 
of the devices, through securing p ithways along which “in the dear" content may be passed, 
and through reading and respondir g to any copy control information contained in or 
associated with the content (e.g., ; . recording device would refuse to make a recording of 
content where copy control inforn ation indicates that no copying is allowed). Devices 
incapable of performing some or ; 11 of these functions would either not be licensed or would 
be prohibited from carrying conte it to or through portions of devices. 

6. Enforcement 

Enforcement actions woul< be available to be taken against licensees that fail to live 
up to licenses, including specifica ions and security procedures and against unlicensed uses of 
the system. Penalties would inch de revocation of licenses, with other penalties potentially 
available as well. 

m 

Enforcement would be hat died through fast-track arbitration, with provision for 
complaints from licensees as a m ans of initiating actions. Determinations of whether to take 
enforcement action and funding f >r particular enforcement actions would be provided through 
decisions of the Governing Board or a special enforcement committee of the Board. 
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